<%@ page import="java.sql.ResultSet" %>
<%@ page import="java.util.regex.Pattern" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ include file="/common/config.jsp" %>
<html>
<head>
    <title></title>
</head>
<body>

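<%
    // Handles the "edit user" form post: validates the submitted fields and,
    // if they all pass, updates the matching t_user row.
    //
    // `conn` and `stmt` are not declared here; they come from the statically
    // included /common/config.jsp, whose locals share this scriptlet's scope.
    // NOTE(review): assumed to be java.sql.Connection / java.sql.Statement - confirm.
    // NOTE(review): no check is visible here that the caller may edit record `id`;
    // confirm that config.jsp (or a filter) enforces authentication/authorization.
    request.setCharacterEncoding("UTF-8");
    String msg = "";
    String id = request.getParameter("id");
    String name = request.getParameter("name");
    String password = request.getParameter("password");
    String password2 = request.getParameter("password2");
    String phone = request.getParameter("phone");
    String clazz = request.getParameter("clazz");
    String homePath = request.getParameter("homePath");
    String sql = "";
    String patten = "";

    try {
        // Validation runs in a fixed order; the first failing rule sets msg and
        // every later rule is skipped. Missing parameters are rejected instead
        // of causing a NullPointerException.
        if (id == null || clazz == null || homePath == null) {
            msg = "请求参数不完整，请检查";
        }

        patten = "^[\u4e00-\u9fa5]{2,4}$";
        if (msg.isEmpty() && (name == null || !Pattern.matches(patten, name))) {
            msg = "姓名必须是2-4位的汉字";
        }

        // Same prefixes as before, but without '|' inside the character classes:
        // "[5|7]" also matched a literal '|'.
        patten = "^(13[0-9]|14[57]|15[0-9]|18[0-35-9]|177|166)\\d{8}$";
        if (msg.isEmpty() && (phone == null || !Pattern.matches(patten, phone))) {
            msg = "手机号码必须是11位合法中国大陆手机号";
        }

        // "A-Za-z", not "A-za-z": the latter range also admits [ \ ] ^ _ and `.
        // The message now states the enforced length (6-12).
        patten = "^[0-9A-Za-z]{6,12}$";
        if (msg.isEmpty() && (password == null || !Pattern.matches(patten, password))) {
            msg = "密码只能是由6-12位数字，大写字母，小写字母组成的字符串";
        }
        if (msg.isEmpty() && !password.equals(password2)) {
            msg = "两次密码输入不一致，可能在前端代码遭到篡改，请查看";
        }

        // Any class other than "其他" must already exist in t_user.
        if (msg.isEmpty() && !"其他".equals(clazz)) {
            sql = "select DISTINCT clazz from t_user";
            boolean clazzFlag = false;
            ResultSet rsClazz = stmt.executeQuery(sql);
            try {
                while (rsClazz.next()) {
                    if (clazz.equals(rsClazz.getString("clazz"))) {
                        clazzFlag = true;
                        break;
                    }
                }
            } finally {
                rsClazz.close();
            }
            if (!clazzFlag) {
                msg = "班级信息在前端遭到篡改，请检查";
            }
        }

        // NOTE(review): a substring blacklist is not a sufficient XSS defence.
        // Whatever page renders HOME_PATH must HTML-encode it on output; this
        // check is only a coarse input filter (now case-insensitive).
        if (msg.isEmpty() && homePath.toLowerCase(java.util.Locale.ROOT).contains("script")) {
            msg = "前端非法进行脚本注入攻击，请检查";
        }

        if (!msg.isEmpty()) {
            // Release the connection before handing over to add.jsp, as before.
            conn.close();
            request.setAttribute("msg", msg);
            request.getRequestDispatcher("add.jsp").forward(request, response);
            // forward() does not stop this page: without the return, execution
            // would fall through to the UPDATE below.
            return;
        }

        // Bound parameters keep request values out of the SQL text; `id` and
        // `homePath` previously reached the statement without any escaping.
        // NOTE(review): the password is stored exactly as submitted. It should be
        // stored as a salted password hash (bcrypt/scrypt/argon2), which also
        // requires changing the login check - not done here.
        sql = "UPDATE t_user SET `NAME`=?,PHONE=?,`PASSWORD`=?,CLAZZ=?,HOME_PATH=? WHERE id=?";
        java.sql.PreparedStatement updateStmt = null;
        try {
            updateStmt = conn.prepareStatement(sql);
            updateStmt.setString(1, name);
            updateStmt.setString(2, phone);
            updateStmt.setString(3, password);
            updateStmt.setString(4, clazz);
            updateStmt.setString(5, homePath);
            updateStmt.setString(6, id);
            updateStmt.execute();
            out.print("<center>");
            out.print("修改成功，3秒钟之后跳转到列表页面！");
            out.print("</center>");
            response.setHeader("refresh", "3;URL=query.jsp");
        } catch (Exception e) {
            // Log details on the server; the driver's message can disclose schema
            // details and echo request data back into the page unescaped.
            application.log("t_user update failed", e);
            out.print("出错了，请稍后重试<br>");
            out.print("<a href='add.jsp'>返回添加</a>");
        } finally {
            if (updateStmt != null) {
                updateStmt.close();
            }
        }
    } finally {
        // Always release the connection, including when a query throws.
        // Closing an already-closed java.sql.Connection is a no-op.
        conn.close();
    }

%>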


</body>


</html>
